Learn how to integrate the security capabilities of MobileFirst Foundation with IBM API Connect by using the MobileFirst OAuth Provider API template.

In this video:

In this video, discover how to integrate the security capabilities of MobileFirst Foundation with IBM API Connect by using the MobileFirst OAuth Provider API template.

MobileFirst security basics include:

  • Security test, a set of tests used to protect a resource
  • Realm creates a relationship between a MobileFirst login module and a MobileFirst authenticator to provide a means of authentication
  • Authenticator parses incoming requests from a MobileFirst client to search for required credentials when a protected resource is requested
  • Login module validates the credentials of incoming requests
  • User identity, created after successful validation of credentials, contains at minimum a user name and a display name – it can contain other attributes
  • Challenge handlers, the client-side JavaScript included in a MobileFirst app that is created by the developer, manages an authentication challenge from the server

API Connect is an API management product that addresses critical aspects of the API lifecycle for both on-premises and cloud environments, providing the capability to create, run, manage, and secure APIs and microservices.

OAuth is an open standard for token-based authentication and authorization on the Internet. An OAuth provider API contains the authorization and token endpoints of an OAuth flow.

More information on Bluemix and MobileFirst

developerWorks Connect

developerWorks Connect

Tutorials, demos, tips, how-to guides, and discussions with technical experts in software development, by developers, for developers.

View more episodes of developerWorks Connect

Get email notifications for new episodes of dW Connect

Join The Discussion

Your email address will not be published. Required fields are marked *